metasploit

General

Target

Accounts.exe
Size

72KB
Sample

250326-rbsxfsyjx7
MD5

c4cdc9339fd011ad37343ae78b0ac1ca
SHA1

afec1b8313a50a77d94cc90adac3cd9760d54c13
SHA256

bb45c429eb89c608955e6be294cdf1fd04f93fbe4f7404646a5ec61909349ab9
SHA512

8a06e34ef64057798ee23fe68fd1986fcba4c31ab63ab8174cff99c9573ec484795f6a1d5f374f7c162f669e70b57c904d4f69799a7fc4e93fc6d77f2a17c6b5
SSDEEP

1536:I5brQdhRXP8nKk043eFj62Mb+KR0Nc8QsJq39:Y4NXP8nhgW2e0Nc8QsC9

Score

10^/10

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_http

C2

http://89.197.154.116:7810/3YZTBQ0GC8KnG6YawPl6Mgz0SxPZaRsi_90j21JnLh06BUCTxqSYQSXq2kUtERpN-N0gOu_rEQPmJD0K2aYCURoIcsBtBmn9lNaP2BTIV0Qjrn_Q3PNQu4TgvDjF2TK1ORITX7MdyZp277NZKK3EZ0q-lrqP

Targets

- Target
  
  Accounts.exe
- Size
  
  72KB
- MD5
  
  c4cdc9339fd011ad37343ae78b0ac1ca
- SHA1
  
  afec1b8313a50a77d94cc90adac3cd9760d54c13
- SHA256
  
  bb45c429eb89c608955e6be294cdf1fd04f93fbe4f7404646a5ec61909349ab9
- SHA512
  
  8a06e34ef64057798ee23fe68fd1986fcba4c31ab63ab8174cff99c9573ec484795f6a1d5f374f7c162f669e70b57c904d4f69799a7fc4e93fc6d77f2a17c6b5
- SSDEEP
  
  1536:I5brQdhRXP8nKk043eFj62Mb+KR0Nc8QsJq39:Y4NXP8nhgW2e0Nc8QsC9
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Metasploit family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2